Pages

2011/07/20

FreeNAS is a free Linux distribution (specifically is FreeBSD) with which you can transform an old PC into a network drive. For the numerous security features available to you this is more properly a Network Attached Storage (NAS) so it can be used in business.

FreeNAS supports the following file systems NTFS (using NTFS-3G), Ext2, Ext3, ZFS, FAT16, FAT32, UFS and UFS2. Are possible installations with iSCSI and RAID.The advantage you have with this distribution (in addition to giving a second life to older PCs) is the ease of expansion of hardware features. For example, you can easily increase the capacity of the disks (by adding new hard disk on your PC) or speed of access to the LAN (replacing the 100 Mbit network card with a 1000-Mbit or more), or simply the ease of maintenance (if something fails it is easy to replace it, as they are all standard components and cheap).Currently the version 8 is coming out. That promises further improvements! As soon as possible I will try to test it!

Stickies is a free utility with which you can write reminders on your desktop (the equivalent of colored slip of paper and sticky going to attack anywhere).

Among the notable features the ability to point out:

1) use different colors for each "package".

2) use different fonts, sizes, font styles.

3) store, discard, retrieve, export the package.

4) include an alarm reminder to show only when appropriate.

5) insert images.

6) customize the "themes" or "skin" of the leaflets.

But the feature I like best is the ability to send reminders to other users connected to the same LAN. From the book of STIKIES you can choose to which and to how many users send reminders (with confirmation of receipt).Also you can update in real time the shared address book for all users stickies on the internal network. This enables some scenarios in companies with very large offices or arranged on different floors. For example: "I remember a meeting with my colleague in an office which is 3 floors below me and that is currently busy on the phone? Well then I send him a reminder using stickies!"

Another feature allows you to send reminders by email. Update: 17-10-2014:Stickies version 8.0b add these new features:

6) prevent access to specific sites or categories of sites (such as games, social networking, sites for adults) by adopting the so-called "parental control".

OpenDNS is also suitable for companies or in places where there is a LAN with many PCs that access the Internet through a single connection. In this case it is better to configure your Internet router (and not the individual PC) by entering the DNS of OpenDNS .

There is also a paid version that provides more advanced services and features. You can also install software to use OpenDNS even if you do not have a static IP address (such as happens to those who use not permanently internet connections).

PERSONAL EXPERIENCE:

I found this service very useful in business in order to prevent user access to entire categories of websites that are NOT of STRICTLY BUSINESS interest. In addition, the function of malware signaling was useful to discover the presence of viruses that even the antivirus on the PC were not able to find out!

Zeroshell is an Italian free Linux distribution that can be installed on a standard PC and that provides the main network services a LAN normally requires (routers, bridges, Firewall, VPN, HTTP proxy, captive portal, etc..)

It is available in Live CD or Compact Flash image and you can configure and administer it via a web browser.

Anyone with a little familiarity with such hardware can reuse an old obsolete PC and turn it into the router (all at no cost!).

Among the many features provided by this tool I found very interesting:

1) The Net Balancer that can operate in two modes a) "Load Balancing and Failover" where the requests for access to the Internet are balanced automatically and in proportion to the weight of each gateway and, in the event of failure of one gateway, this is excluded from the Automatic balance b) "Failover" only one link is active at a time (the one with highest weight among those who are not in the state of Fault). The others are in the state of Spare, ready to attend in case of interruption of the active link.

Zeroshell 3.1.0 is available. This new release improves the stability of the system and corrects many bugs. Among the new features, there are some nice additions such as:

The Installation Manager that allows you to install Zeroshell in an easy way, starting from the ISO/USB image or from an already running installation.

The Weighted Bonding used to distribute traffic proportionally to the capacity of the interfaces that are part of the bond.

The Monitoring and e-Mail/SMS Alerts Suite that warns you or a team of people to the occurrence of an event. The list of events can be extended with custom event handlers.

The CNTop Utility which shows the top list of the hosts with the highest number of connections. This is very useful if a DDoS is taking place to discover the IP address causing the problem.

Among other things, the Captive portal has been improved with a special tuning and now can handle many more simultaneous users.
If you already have the release 3.0.0 installed and the repository access enabled you can automatically upgrade to Zeroshell 3.1.0 without losing the configuration just by clicking on the package 53100. Do not forget instead, that if you are planning to use the Installation Manager all data on the target disk will be destroyed so you have to backup the profile and then restore it on the new release.

May 10, 2014

Monitoring and e-Mail/SMS Alerts Suite is a new component that enable Zeroshell to keep under control some critical Events that could occur. To each event is assigned a Severity Level based on which the Recipients of eMail and SMS alerts are selected. The Severity Levels are: Info, Warning, Critical and Emergency.
This package is available for Zeroshell 3.0.0 as New Feature and is very reccomended in a production environment where some critical events may have to be handled very quickly.

January 25, 2014

A new procedure to easily install Zeroshell on disk is available as New Feature for the release 3.0.0. The Install Manager automatically resize the profile partition to use the entire disk space. Keep in mind that in a production environment, you should always prefer the installed version of Zeroshell because faster and more reliable than the Live CD version.
Please read the page http://www.zeroshell.org/installation-manager for more details.

January 13, 2014

The Weighted Bonding has been implented for Zeroshell 3.0.0 as new feature. Using the Weighted Bonding you can distribute traffic proportionally to the capacity of the interfaces that are part of the bond. Before the introduction of this feature, the traffic distribution was made by a simple Round-Robin load balancing that treated the interfaces in a uniform manner regardless of the actual available bandwidth on each of them. The direct consequence of this was that you could benefit from bonding only if the lines merged had a similar capacity . You could see that adding an ADSL line from 2Mb/s to a 7Mb/s one resulted in a bandwidth closed to 4Mbit/s. Far from the expeted 9Mb/s bandwidth.
Now with the Weighted Bonding, by assigning to the first ADSL line a weight of 2 and to the second one a weight equal to 7, you could see a bandwidth aggregation very close to the sum of the two lines members of the bonding.
Note that in the example has been intentionally omitted, for simplicity, to specify that the bonding of WAN lines only makes sense through the VPN bonding and that the weight should be assigned to the Layer 2 VPN interfaces.

January 13, 2014

The Weighted Bonding has been implented for Zeroshell 3.0.0 as new feature. Using the Weighted Bonding you can distribute traffic proportionally to the capacity of the interfaces that are part of the bond. Before the introduction of this feature, the traffic distribution was made by a simple Round-Robin load balancing that treated the interfaces in a uniform manner regardless of the actual available bandwidth on each of them. The direct consequence of this was that you could benefit from bonding only if the lines merged had a similar capacity . You could see that adding an ADSL line from 2Mb/s to a 7Mb/s one resulted in a bandwidth closed to 4Mbit/s. Far from the expeted 9Mb/s bandwidth.
Now with the Weighted Bonding, by assigning to the first ADSL line a weight of 2 and to the second one a weight equal to 7, you could see a bandwidth aggregation very close to the sum of the two lines members of the bonding.
Note that in the example has been intentionally omitted, for simplicity, to specify that the bonding of WAN lines only makes sense through the VPN bonding and that the weight should be assigned to the Layer 2 VPN interfaces.

January 2, 2014

Zeroshell 3.0.0 includes relevant new features such as the automatic update system that automatically applies security and bug fixes, and allows to upgrade to the next releases. Several bugs have been fixed and the security improved. The MRTG graphs no longer require an activation key to be viewed. There are several kernels optimized for different processors and a kernel compiled with PAE (Physical Address Extension) which allows you to use more than 4GB of RAM.

August 7, 2013

With the release 2.0.RC3 of Zeroshell some security issues have been corrected. Specifically, now the DNS works as cache and accepts recursive queries only for local networks if not configured otherwise. Recently, the DNS fully opened are being used to carry out DDoS attacks resulting in bandwidth consumption. For this reason, the migration to 2.0.RC3 is strongly recommended.
No-IP has been added as a provider for dynamic DNS and the recognition of 3G USB modems has been enhanced. You can now disable the virus scan of web pages resulting in improved performance of the transparent proxy on modest hardware.
Several fixes have been applied on the procedure for Backup and Restore of the profiles.

November 21, 2012

Zeroshell 2.0.RC2 improves the support for the load balancing and fault tolerance of multiple connections to the Internet. Particularly, this release allows to keep in Standby PPPoE (xDSL) and UMTS/HSDPA connections, activating the PPP protocol only in the event of absence of connectivity from other accesses. These connections are again placed in standby mode when connectivity is recovered from the default accesses. Improved the Failover mechanism with check in Layer 2 as well as with ICMP. Updated the VPN Bonding for bandwidth aggregation and failover of the LAN-to-LAN connections. Fixed several bugs in the system. In particular, it has been solved a problem that caused the freezing of the Captive Portal under high load.

July 25, 2012

Zeroshell 2.0.RC1 has a new kernel (3.4.6) that enables a better recognition of the latest hardware. The Wi-Fi section, using the ath9k kernel module, supports the 802.11n standard (thanks to Arth for the contribution for the upgrade of the wifi-manager). The atheling's patch was included to allow to use QoS and network balancing simultaneously. In addition to OpenVPN and IPSec/L2TP you can use PPTP as a VPN protocol for users whose authentication can be delegated also to an external RADIUS. Several bugs were fixed with particular attention to the Captive Portal.

PERSONAL EXPERIENCE:I currently use the network load balancing function of Zeroshell with two ADSL balanced connections of different ISPs and different speeds.On two other Zeroshell I use a VPN LAN-to-LAN to easily connect a company that has two offices located in different cities using their ADSL connection.

Here are some of the most important features:

- Balancing and Failover of multiple connections to the Internet;

- UMTS / HSDPA 3G modem;

- RADIUS Server

- Captive Portal

- Management of QoS (Quality of Service)

- HTTP Proxy with ClamAV open source antivirus

- Support for the functionality of the Wireless Access Point Multi SSID using WiFi network cards based on Atheros chipsets.

- VPN LAN-to-host protocol L2TP/IPsec

- VPN LAN-to-LAN with Ethernet encapsulation of SSL / TLS tunnel,

- Router with static and dynamic

- 802.1d bridge with Spanning Tree

- Firewall Packet Filter and Stateful Packet Inspection (SPI)

- Control through Firewall and QoS classification of traffic type P2P file sharing;

- Dynamic DNS client used to easily reach even when the WAN IP is dynamic.

- Client Server and NTP (Network Time Protocol);

- Syslog server for receiving and cataloging the system logs produced by the remote hosts including Unix systems, routers, switches, Wi-Fi access points, network printers and others compatible with the syslog protocol;

2011/07/14

There are at least two methods:The first method of course is to use a graphic display that has 2 video inputs (2 VGA, 2 DVI ,or 1 DVI and 1 VGA).Take the example of a display that has both VGA and DVI input, and the two computers have graphics cards with different outputs (the first PC with VGA output, the second PC with DVI output).You can then connect the 2 cables (VGA and DVI) for 2 PCs simultaneously with the same monitor. Then you press the button that changes the "display source" (VGA or DVI) depending on the PC you want to use (see).Of course this does not solve the problem of having to use double keyboards and double mouse!

The second method involves the use of a Switch KVM (Keyboard, Video, Mouse), a device that connects a keyboard, a mouse and only a single display, but which has the double output cables( or triple, etc..) tha connect the PCs to be controlled. The PCs should not be too far apart as the cables are quite short!

They are marketed both mechanical and electronic KVM switch, with different features (VGA, DVI, PS2 or USB keyboard, etc..) also KVM Switch exist for more than two PCs.PERSONAL EXPERIENCE:In the first case, the test was done for example with a Samsung SyncMaster 2243WM that has one entry VGA and one DVI, and it works!

In the second case currently I use a KVM switch (mechanical) that allows the use of one keyboard (PS2), one mouse (PS2) and a single display (VGA) connected to 2 PCs.